85
submitted 21 hours ago* (last edited 20 hours ago) by MTK@lemmy.world to c/android@lemmy.world

I recently found out that a locked device (aka a carrier lock) is actually locked in two very different ways.

  1. the sim lock, which prevents you from using a sim card from a different carrier. This usually has some sort of policy regarding how and when to unlock the device (for Verizon it is if the device goes for 60 days without connecting to the Verizon network, might also need to be fully paid off as well)

  2. Bootloader lock, this locks the bootloader and therefore disables any way of flashing anything (rom, root, etc) This is not something that will automatically be unlocked as far as I can tell and only the carrier can modify it. Most carriers seem to have the basic decency to unlock the device if you request it from their support, but be warned that there is no guarantee. What is guaranteed, is that Verizon will tell you to fuck right off and will never unlock your device.

The point of this post is to bring awareness to this issue, it is on me that I didn't properly research this and just assumed that carrier lock means just a sim lock, but this sucked.

I bought a pixel 8 which was sim-unlocked but sadly, as I discovered, its bootloader was locked and the "oem unlock" option was grayed-out. This is because it was a Verizon model that was out of the network but still, a Verizon model...

As of right now there are no known exploits against this device / Android version, and so, there is no known way to bypass this.

I literally argued, begged, and threatened Verizon. And their official stand is that they don't allow bootloader unlocks, they don't have the ability to do them (A lie) and that it will degrade my experience (Idiots)

So I started doing anything I could think of. I tried old exploits that were patched (unsurprisingly they failed), I tried sideloading other versions of stock android (worked but didn't affect the bootloader), I even setup mitm wifi hotspot that has a transparent tls inspection (see PolarProxy) but it seems that the OS does not trust any "user" CAs and so it tries to connect to android.googleapis.com, sees that the CA is not a system CA and aborts the bootloader check, which keeps it grayed-out. My idea was to spoof a valid response but apparently Android has good security practices (who knew)

Short of reversing the OS/Bootloader, it seems there is nothing to do.

So this is my warning to you, don't buy carrier models, but if you do, make sure the oem unlock option works, but if you don't, absolutely never buy a Verizon model.

ETA: I bought second-hand under the impression that it was an unlocked device, I thought that by checking sim compatibility I verified that it was, I was wrong.

top 26 comments
sorted by: hot top controversial new old
[-] nutbutter@discuss.tchncs.de 2 points 51 minutes ago

Is carrier locking an America-only thing? I have never seen this in India, and have never heard of this in any European country either.

[-] AnimalsDream@slrpnk.net 3 points 4 hours ago

The thing that annoys me is the way virtually all of these phone models have minor variants that go undocumented in the store pages. I ordered my last phone online, after first searching to make sure it was a model that was supported by the roms I like. The store page advertised it as unlocked, and that it supports GSM. Both of these things are true, and yet it turned out to be a "Verizon" model variant (believe it supports both GSM and whatever Verizon's networks are called these days, cdsm). It sucks because this small variation casts doubt and may reduce which roms I can install (haven't gotten around to flashing one yet). And the other annoyance is that even though it does work fine with my carrier, I still get an annoying notification every time I reboot my phone that complains about the SIM not being a Verizon one even though it works just fine.

[-] humble_pete_digger@lemm.ee 3 points 6 hours ago

You'll be shocked to find out there is no Santa.

[-] qjkxbmwvz@startrek.website 21 points 15 hours ago

Verizon will tell you to fuck right off and will never unlock your device.

Will never unlock their device.

[-] Scubus@sh.itjust.works 0 points 6 hours ago

ITT Verizon just became apple

[-] node815@lemmy.world 6 points 12 hours ago

I have a Pixel 8a from Verizon, as someone else here said, they sometimes have crazy deals. This was a free one (through bill credits) for us. It was right after Google released that version and before 9. I quickly discovered that even with Google's beta program which you can FREELY USE and all it requires you to do is connect your phone via usb through the web and it patches your phone via Google's site to install it. I'm a beta testing type of person, so I was all in, until I discovered there was no way no how because of the bootloader.

Then, on top of that the, GraphineOS is not able to be installed with it locked as well. I haven't approached Verizon about unlocking the bootloader. I've heard some success stories on XDA I think it was about people getting theirs unlocked through them. (Probably if you get a tech who's in a good mood helps).

[-] BearOfaTime@lemm.ee 10 points 15 hours ago

This is old news.

Verizon devices have been bootlocked since about 2011.

The OG Droid was unlocked, everything after that was bootloader locked.

[-] Crashumbc@lemmy.world 1 points 6 hours ago

Yup, there were a couple times people managed to find cracks. But other than that.

[-] whodatdair@lemmy.blahaj.zone 8 points 14 hours ago

I recall that they wouldn’t even let you bring your own unlocked device for a while - they remember us rooting to get free tethering when they wanted an extra $30/mo for that, greedy fucksticks

[-] MangoPenguin@lemmy.blahaj.zone 8 points 16 hours ago

As far as I know Verizon is main carrier doing this. They've always been an absolutely horrible company.

[-] WagnasT@lemmy.world 5 points 15 hours ago

Well the pixel 8 will be supported for quite a while, for now you've tried all the things you can but if you prevent it from updating maybe they'll publically patch an exploit you can use to gain root. I think Verizon in particular does this because they eat a lot of the cost for the phone and lock you into using their network, they want that cost recouped but since they're not legally required to unlock it after they recoup their cost they will do nothing. They should legally be required to allow bootloader unlocking after they stop supporting it but regulators are too busy inventing reasons for us poors to hate eachother.

[-] shortwavesurfer@lemmy.zip 8 points 20 hours ago

I'm sorry you had to go through this but only ever by devices from the manufacturer and make sure that you buy them at full price and that they are not tied to a carrier when you buy them and you'll be all right.

[-] Dutchie@lemmy.world 6 points 19 hours ago* (last edited 15 hours ago)

In netherlands a sim lock is not allowed for years. Nokia had never sim locks on their phones. As far as I know, bootloader locks are done by the manufaturer not by the provider. Edit down -> done

[-] Markaos@discuss.tchncs.de 3 points 14 hours ago

As far as I know, bootloader locks are done by the manufaturer not by the provider.

Verizon requires the phones they sell to NOT have the ability to unlock the bootloader. That's why there are separate factory images for Verizon Pixels.

[-] tb_@lemmy.world 4 points 15 hours ago

The manufacturer can also lock the bootloader, but carriers in the US are a special kind of fucky.

[-] IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com 8 points 20 hours ago* (last edited 20 hours ago)

I think the point is, if you could flash an OS, you could theoretically bypass sim locking.

Is your device already sim unlocked? Is so, you just connect to the internet with developer menu turned on, then wait (anywhere from hours to days, like let this happen in the background, it doesn't have to stay on the screen) and hope the option becomes selectable. And reboot once a day to see if the menu option changes. I had a sim locked device that had the option suddebly become available for some reason.

[-] davidgro@lemmy.world 16 points 20 hours ago

It's simply a 'known issue' which OP unfortunately discovered first-hand, that Verizon specific models have a modified OS that cannot ever be bootloader unlocked (without exploits) - regardless of SIM lock. It really is their corporate policy. And why I buy my devices directly from the OEM even though I could in theory get a discount from Verizon (happens to be my carrier... For now.)

[-] 30p87@feddit.org 8 points 20 hours ago

Why would you buy through a carrier anyway? Especially because if it's cheaper than from the manufacturer, it means that YOU are the product too. In the end, the carrier version is also much more bloated. Which in some countries/providers (eg. Etisalat) actually includes Pegasus in the official provider app.

Is it just much less common to buy a carrier device here, in germany, or do you need to be in the brainrotted part of GenZ or something for that?

[-] bdonvr@thelemmy.club 3 points 15 hours ago

US providers can sometimes have pretty crazy discounts.

What I want to know is why can't phone manufacturers stand up to these mobile providers? Apple doesn't let carriers do this crap. You buy an iPhone from whatever carrier and it's identical to retail (can be locked to a network, if you're doing payments though even SIM locking is becoming less common)

[-] BearOfaTime@lemm.ee 4 points 15 hours ago

Why would manufacturers "stand up" to them?

They sold the phone to them. End of story.

[-] bdonvr@thelemmy.club 1 points 13 hours ago

Same reason Apple did, makes their devices feel cheap and shitty. Possibly losing return customers.

[-] solrize@lemmy.world 4 points 20 hours ago

I know that woot sells lots of older models of phones and they always mention when it is a Verizon phone with a locked boot loader. IDK if you get a price break for those.

I'm actually thinking of buying a sim locked phone (those are incredibly cheap up front, since they then expect to sell you an overpriced mobile plan) and using it without a sim (wifi only) as a secondary device for various purposes. I don't know if this idea works though.

[-] WhiteOakBayou@lemmy.world 6 points 19 hours ago

It does. I have an old Verizon phone as the white noise player / HA control in my kids bedroom. You will have all the bloat and whatever other services they install in there too though.

[-] BearOfaTime@lemm.ee 2 points 14 hours ago

Get the Universal Android Debloat Utility, it's pretty good at letting you know what can be disabled.

[-] BearOfaTime@lemm.ee 1 points 14 hours ago

Unlocked boot definitely costs more.

There's also swappa, but I've had best luck on ebay. Some sellers are very clear about unlocked bootloader.

[-] TokenEffort@sh.itjust.works 3 points 21 hours ago

I've always viewed locked devices as bad news oof I always buy phones from Amazon. I considered rooting just to change the font but it seems like a lot of effort considering I use Google pay & stuff. I know no one asked

this post was submitted on 24 Dec 2024
85 points (96.7% liked)

Android

28180 readers
285 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 2 years ago
MODERATORS